Thank you for your prompt attention to this matter and thank you for using Citibank!

Regards,

Jonathan Hightower
Head of Citi® Identity Theft Solutions

Copyright A9 2004 Citicorp. All rights reserved.

Origins:
This is yet another
garden-variety phishing scheme directed at customers of Citibank. Clicking the link provided in the body of the message (deactivated in the example above) pops up a phony "ATM/Debit Card PIN number" update form which prompts the user to enter his ATM/Debit Card number, PIN, and checking or savings account number. The update form does not originate with or send information to the genuine Citibank site; it is actually loaded from a server (evanzo-server.de) in Bremen, Germany.